what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2014-02-05

Ubuntu Security Notice USN-2099-1
Posted Feb 5, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2099-1 - It was discovered that Perl's Locale::Maketext module incorrectly handled backslashes and fully qualified method names. An attacker could possibly use this flaw to execute arbitrary code when an application used untrusted templates.

tags | advisory, arbitrary, perl
systems | linux, ubuntu
advisories | CVE-2012-6329
SHA-256 | da5f11c08898e9ebb91735f266683b787a02a7ceb86277819ba80fa40377ef5c
Debian Security Advisory 2855-1
Posted Feb 5, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2855-1 - Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.

tags | advisory
systems | linux, debian
advisories | CVE-2011-3944, CVE-2013-0845, CVE-2013-0846, CVE-2013-0849, CVE-2013-0865, CVE-2013-7010, CVE-2013-7014, CVE-2013-7015
SHA-256 | cdb059b02b1c23f6f02f9dd887c04116c1ac664ba252de491d1b90de3671310e
Red Hat Security Advisory 2014-0140-01
Posted Feb 5, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0140-01 - Apache Camel is a versatile open-source integration framework based on known Enterprise Integration Patterns. A flaw was found in Apache Camel's parsing of the FILE_NAME header. A remote attacker able to submit messages to a Camel route, which would write the provided message to a file, could provide expression language expressions in the FILE_NAME header that would be evaluated on the server. This could lead to arbitrary remote code execution in the context of the Camel server process. All users of the affected products as provided from the Red Hat Customer Portal are advised to apply this update.

tags | advisory, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2013-4330
SHA-256 | bc81dc060c390772a5b1a581a7e8a45b6cf676ad3b0ee4a9c285540cd86c822d
Debian Security Advisory 2854-1
Posted Feb 5, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2854-1 - Several issues have been discovered in mumble, a low latency VoIP client.

tags | advisory
systems | linux, debian
advisories | CVE-2014-0044, CVE-2014-0045
SHA-256 | 2088706e534cc92d82d75d5bd65c599453c66a2ff6edd852ddb061bb3f67c104
Gentoo Linux Security Advisory 201402-05
Posted Feb 5, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-5 - An environment variable processing error has been reported in Banshee, possibly allowing local attacker to load a specially crafted shared library. Versions less than 1.8.0-r1 are affected.

tags | advisory, local
systems | linux, gentoo
advisories | CVE-2010-3998
SHA-256 | 5362eccb6bd0ca934ad8ca51d060f512601e464387821acb53503ff47a5b4e77
Red Hat Security Advisory 2014-0139-01
Posted Feb 5, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0139-01 - Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A heap-based buffer overflow flaw was found in the way Pidgin processed certain HTTP responses. A malicious server could send a specially crafted HTTP response, causing Pidgin to crash or potentially execute arbitrary code with the permissions of the user running Pidgin. Multiple heap-based buffer overflow flaws were found in several protocol plug-ins in Pidgin. A malicious server could send a specially crafted message, causing Pidgin to crash or potentially execute arbitrary code with the permissions of the user running Pidgin.

tags | advisory, web, overflow, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2012-6152, CVE-2013-6477, CVE-2013-6478, CVE-2013-6479, CVE-2013-6481, CVE-2013-6482, CVE-2013-6483, CVE-2013-6484, CVE-2013-6485, CVE-2013-6487, CVE-2013-6489, CVE-2013-6490, CVE-2014-0020
SHA-256 | 02c189bcb1976a4f4f88111e98a6e444bb4d4b7b3022798749683cfa0197b660
i-doit Pro 1.2.4 Cross Site Scripting
Posted Feb 5, 2014
Authored by Stephan Rickauer | Site csnc.ch

i-doit Pro version 1.24 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-1237
SHA-256 | 85742c3414a02c3893bedfb6f3301566ed32f027885f25095effcaaa4d8b4602
Netgear D6300B Command Injection / Misconfiguration
Posted Feb 5, 2014
Authored by Daniel Sauder, Pascal Uter | Site syss.de

Netgear D6300B routers suffer from remote command injection, root shell spawning, UPnP issues, credentials being submitted in the clear, and additional vulnerabilities.

tags | exploit, remote, shell, root, vulnerability
SHA-256 | 896c086babecbfe246ba805c87d9f85d74b7f8d36859c8eca2c8d15b625be9c7
Inteno DG301 Remote Command Execution
Posted Feb 5, 2014
Authored by Juan J. Guelfo | Site encripto.no

Inteno DG301 remote command execution proof of concept exploit.

tags | exploit, remote, proof of concept
systems | unix
SHA-256 | 676c063a123bb6632d0c3722f2eb7566064d177f5285af48d6fca8019e6a8363
Core FTP Server 1.2 DoS / Traversal / Disclosure
Posted Feb 5, 2014
Authored by Fara Denise Rustein, Luciano Martins

Core FTP Server version 1.2 suffers from denial of service race condition, password disclosure, and directory traversal vulnerabilities.

tags | exploit, denial of service, vulnerability, file inclusion, info disclosure
advisories | CVE-2014-1441, CVE-2014-1442, CVE-2014-1443
SHA-256 | cdd4723d3be809710e87bcb55c3ae14a73cde7aec28bad3f8f208fa620b79cce
Drupal Tagadelic 6.x Information Disclosure
Posted Feb 5, 2014
Authored by Michael Hess | Site drupal.org

Drupal Tagadelic third party module version 6.x suffers from an information disclosure vulnerability.

tags | advisory, info disclosure
SHA-256 | 34450b5c7ab2e02cb75dbe9e1d9c4dd028ed9fe5af6b80ff5d4a9f318239bfc0
EMC Documentum Foundation Services (DFS) Content Access
Posted Feb 5, 2014
Site emc.com

EMC DFS server may be vulnerable to malicious attacks that may allow access to content on the DFS file system. This is due to the way the DFS web service is used to upload content. Affected products include EMC DFS 6.5, 6.6, 6.7, 7.0, and 7.1 with all their service packs and patch versions.

tags | advisory, web
advisories | CVE-2014-0622
SHA-256 | ef4cb3d0f88f5998a859dfbf420714ce2b91e529bc2093489f021ec4eabeffef
Red Hat Security Advisory 2014-0137-01
Posted Feb 5, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0137-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed in the Adobe Security bulletin APSB14-04, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.336.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2014-0497
SHA-256 | 04865d9bb71ac1548718bbedace58ba354f7776bf4858cffbc8a461a4e55cffc
Rooting Windows Server Using PHP Meterpreter Webshell
Posted Feb 5, 2014
Authored by Hasan Sharukh, Anshul Gupta

This whitepaper discusses rooting windows server using the PHP Meterpreter Webshell in Metasploit.

tags | paper, root, php
systems | windows
SHA-256 | 969178f6ff5208ad667a07134dd268f1f3afb8fbcc598cfc6a4095ef57d2b50b
Bandizip 3.09 DLL Hijack
Posted Feb 5, 2014
Authored by Osanda Malith

Bandizip version 3.09 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
advisories | CVE-2014-1680
SHA-256 | c62b674cac9e10905ad964d283c5a0a404b0d9e48891039a010f360cc74e0895
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close